CVE-2019-1097

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1093...

CVE-2019-1411

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1432...

CVE-2019-1123

A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1124,...

CVE-2019-1127

A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,...

CVE-2019-1117

A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124,...

SUSE CVE-2014-1551

Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a...

SUSE CVE-2015-7203

Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name...

The vulnerability in the programming interface of DirectWrite on the Microsoft .NET Framework software platform, as well as in Microsoft Office applications, the Live Meeting web conference software, Microsoft Lync instant messaging software, and the Microsoft Silverlight software platform, arises due to errors in syntax analysis of TrueType fonts. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the DirectWrite programming interface on the Microsoft .NET Framework, Microsoft Office applications, the web conferencing software Live Meeting, the instant messaging software Lync, and the Microsoft Silverlight platform is related to errors in syntax analysis of TrueType...

audir (=0.1.0), com-impl (>=0.1.0 <=0.1.1) +6 more potentially affected by CVE-2021-45681 via derive-com-impl (=0.1.1)

derive-com-impl CARGO version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on derive-com-impl and may be impacted: - audir =0.1.0 - com-impl =0.1.0, =0.3.0-alpha1, =0.3.0-alpha1, =0.3.0-alpha4 - dxgi =0.3.0-alpha4 - wic =0.3.0-alpha1 Source cves...

The vulnerability of the DirectWrite programming interface in Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the DirectWrite programming interface in Microsoft Windows operating systems is related to improper handling of code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

Mozilla Firefox Security Advisory (MFSA2014-59) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Microsoft Windows/Windows Server Remote Code Execution Vulnerability (CNVD-2021-62482)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation U.S. Microsoft Windows is an operating system for personal devices, and Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in DirectWrite in Microsoft...

CVE-2021-34489

DirectWrite Remote Code Execution Vulnerability...

CVE-2021-34489

DirectWrite Remote Code Execution Vulnerability...

CVE-2021-34489

CVE-2021-34489 is a DirectWrite remote code execution vulnerability in Microsoft Windows/Windows Server. The issue affects the DirectWrite component and is described as enabling arbitrary code execution with a HIGH impact, requiring user interaction (UI:R) and a local vector (AV:L/AC:L on CVSS3) ...

CVE-2021-34489 DirectWrite Remote Code Execution Vulnerability

...

Microsoft Graphics Component 代码注入漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation U.S. Microsoft Windows is an operating system for personal devices, and Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in DirectWrite in Microsoft...

KLA12221 Multiple vulnerabillities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges, bypass security restrictions, obtain sensitive information, spoof user interface. Below is a complete list of...

PT-2021-5684 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to incorrect code generation management in the DirectWrite application programming interface of Microsoft Windows operating systems. It allows remote attacker...

The vulnerability of the DirectWrite programming interface in Windows operating systems allows attackers to disclose sensitive information.

The vulnerability of the DirectWrite programming interface in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow a remote attacker to expose sensitive information, by convincing the user to visit a malicious web page or open a...